Every CVE whose affected-product data names Bravenewcode Wptouch, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-3417 — CVSS 8.8 (high): The WPtouch WordPress plugin before 4.3.45 unserialises the content of an imported settings file, which could lead to PHP object injections…
CVE-2011-4803 — CVSS 7.5 (high): SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL…
CVE-2022-3416 — CVSS 7.2 (high): The WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to…
CVE-2010-4779 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php in the WPtouch plugin 1.9.19.4 and 1.9.20 for WordPress allows remote…